Page MenuHomePhabricator
Create Task
Maniphest T291585

Bullseye VMs have some issue with sssd
Closed, ResolvedPublic
Actions

Description

Every bullseye VM I've checked has failures for sssd. The importance of which, I am not sure of yet.

If you run systemctl list-units, you'll see:

● sssd-nss.socket                                                                              loaded failed failed    SSSD NSS Service responder socket
  sssd-pac.socket                                                                              loaded active listening SSSD PAC Service responder socket
● sssd-pam-priv.socket                                                                         loaded failed failed    SSSD PAM Service responder private socket
● sssd-ssh.socket                                                                              loaded failed failed    SSSD SSH Service responder socket
● sssd-sudo.socket                                                                             loaded failed failed    SSSD Sudo Service responder socket

I can still sudo and log in. I have no idea what the real impact of this failure is. Since mounting the sockets are 100% how containers connect to sssd, it may have a bigger effect on k8s workers and things like that in the future. It seemed worth making a ticket and recording the issue at least.

Details

SubjectRepoBranchLines +/-
ldap::sssd: Don't specify services on bullseyeoperations/puppetproduction+34 -1
Customize query in gerrit

Event Timeline

Bstorm created this task.Sep 22 2021, 5:56 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptSep 22 2021, 5:56 PM
gerritbot added a comment.Sep 27 2021, 9:32 AM

Change 724003 had a related patch set uploaded (by David Caro; author: David Caro):

[operations/puppet@production] ldap::sssd: Don't specify services on bullseye

https://gerrit.wikimedia.org/r/724003

gerritbot added a project: Patch-For-Review.Sep 27 2021, 9:32 AM
gerritbot added a comment.Sep 28 2021, 12:40 PM

Change 724003 merged by David Caro:

[operations/puppet@production] ldap::sssd: Don't specify services on bullseye

https://gerrit.wikimedia.org/r/724003

Stashbot added a comment.Sep 28 2021, 12:40 PM

Mentioned in SAL (#wikimedia-cloud) [2021-09-28T12:40:48Z] <dcaro> Merged change on sssd for bullseye cloud hosts (T291585)

Maintenance_bot removed a project: Patch-For-Review.Sep 28 2021, 1:10 PM
dcaro closed this task as Resolved.Sep 29 2021, 7:30 AM
dcaro claimed this task.
dcaro edited projects, added cloud-services-team (zz-archived1); removed cloud-services-team (Kanban).
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL